Apple pulls infected apps after malware strikes App Store

Beijing • Apple Inc. has removed some applications from its App Store after developers in China were tricked into using software tools that added malicious code in an unusual security breach.

The first sign of trouble appeared over the weekend, after security researchers from Palo Alto Networks discovered that 39 iPhone and iPad apps were infected with malware. All of the affected apps were developed in China, and they all used a modified version of Apple’s software development kit, known as Xcode, which had been manipulated by hackers. “We’ve removed the apps from the App Store that we know have been created with this counterfeit software,” Apple said in a statement. “We are working with the developers to make sure they’re using the proper version of Xcode to rebuild their apps.” Though Apple makes Xcode available for free on its website, the hackers were able to convince the Chinese app makers to download Xcode from their servers instead of Apple’s.

It’s not yet known why the Chinese developers downloaded Xcode from the hackers, but it’s possible the app makers were looking for a faster way to retrieve the Xcode software. A number are from China, including Tencent’s WeChat, NetEase music app, and Didi Kuaidi’s Uber-like car-hailing service, though others—like business card scanner CamCard—are available internationally. The malicious code spread through a counterfeit version of Apple’s Xcode tools used to create apps for its iPhones and iPads, according to the company. But in a follow-up post, the firm said XcodeGhost can also prompt fake dialog boxes to phish your data, open specific URLs, and read and write data on a clipboard, “which could be used to read the user’s password if that password is copied from a password management tool.” Apple did not immediately respond to PCMag’s request for comment. The creators of the malware took advantage of public frustration with Beijing’s Internet filters, which hamper access to Apple and other foreign websites.